Hi, I’m Kunal Deorukhakar, a Penetration Tester and Red Team enthusiast based in India. I focus on web, API, and Android security testing, with hands-on experience in vulnerability assessment, exploit research, and CTFs. I’m passionate about offensive security, continuously sharpening my skills through real-world testing, labs, and security research.

• Red Teaming & Pentesting: AD Exploitation, Web/API/Mobile, Phishing, Pivoting, Threat Simulation
• Security Assessments: Source Code Review, OSINT, Configuration Audits
• Offensive Tools: Mythic C2, Impacket, Rubeus, Mimikatz, Certipy, CrackMapExec
• Appsec Tools: Burp Suite Professional, Postman, Genymotion, MobSF, Frida
• Malware Analysis Tools: Strings, PEstudio, Capa, Ghidra, Procmon, API Monitor, Regshot, Virustotal, Any.Run,
• Programming & Scripting: Python, C, Bash
• Soft Skills: Client Communication, Stakeholder Reporting, Threat Modeling

• PNPT (Practical Network Penetration Tester) - TCM Security
• CAPenX (Pursuing) - SecOps groups
• Red Teaming Learning Path – TryHackMe
• API Penetration Testing - APIsec University
• API Security Fundamentals - APIsec University

• VulnDozer is a Django-based web application for managing security vulnerabilities, projects, and assessments with role-based access control. 🔗 View Project

• This Python script automates the process of generating penetration testing reports in Excel format. It utilizes the requests library to gather data from various sources and the openpyxl library to create and manipulate Excel files.
  🔗 View Project

• A collection of automation scripts and workflows designed to assist in web application bug hunting and reconnaissance. This repository focuses on improving efficiency during bug bounty and VAPT engagements by automating repetitive tasks. 🔗 View Project